MDKSA-2003:071-1
- Package name
- xpdf
- Date
- 2003-07-23
- Advisory ID
- MDKSA-2003:071-1
- Affected versions
- 9.1 i586 , CS2.1 i586 , 9.1 i586 , 9.0 i586 , CS2.1 x86_64
Problem description
Martyn Gilmore discovered flaws in various PDF viewers, including xpdf. An attacker could place malicious external hyperlinks in a document that, if followed, could execute arbitary shell commands with the privileges of the person viewing the PDF document. Update: New packages are available as the previous patches that had been applied did not correct all possible ways of exploiting this issue.
Updated packages
9.1 i586
e4648afe258244c0bb59ecc533478816 ppc/9.1/RPMS/xpdf-2.01-2.2mdk.ppc.rpm cfe1fa4745fd0ab9488bc7490ba8919e ppc/9.1/SRPMS/xpdf-2.01-2.2mdk.src.rpm
CS2.1 i586
12939cf7ca98085acc4f6ba5d741a8c6 corporate/2.1/RPMS/xpdf-1.01-4.3mdk.i586.rpm 1a9bdf930d450c8b7f506d987805aa42 corporate/2.1/SRPMS/xpdf-1.01-4.3mdk.src.rpm
9.1 i586
6f95f03b679a5e834ce8e19f440ebeed 9.1/RPMS/xpdf-2.01-2.2mdk.i586.rpm cfe1fa4745fd0ab9488bc7490ba8919e 9.1/SRPMS/xpdf-2.01-2.2mdk.src.rpm
9.0 i586
12939cf7ca98085acc4f6ba5d741a8c6 9.0/RPMS/xpdf-1.01-4.3mdk.i586.rpm 1a9bdf930d450c8b7f506d987805aa42 9.0/SRPMS/xpdf-1.01-4.3mdk.src.rpm
CS2.1 x86_64
5f22b8c7e2a03f4ad1d452b23348c967 x86_64/corporate/2.1/RPMS/xpdf-1.01-4.3mdk.x86_64.rpm 1a9bdf930d450c8b7f506d987805aa42 x86_64/corporate/2.1/SRPMS/xpdf-1.01-4.3mdk.src.rpm